Hi, I would like to get a second opinion on the MBR
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer Open
notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint:
HKU\S-1-5-18\...409d6c4515e9\InprocServer32: [Default-shell32] SHELL32.dll ATTENTION! ====> ZeroAccess?
BHO: No Name -> {0347C33E-8762-4905-BF09-768834316C61} -> No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> No File
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234}
FF Extension: No Name - C:\Documents and Settings\Administrator.TROJAN-CE93127E\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com [2015-02-18]
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as
fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THENPlease download
AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLYDownload the latest version of TDSSKiller from
here and save it to your Desktop.
- Doubleclick on TDSSKiller.exe to run the application
- Then click on Change parameters.
- Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects , then click OK.
- Click the Start Scan button.
- If a suspicious object is detected, the default action will be Skip, click on Continue.
- If malicious objects are found, they will show in the Scan results and offer three (3) options.
- Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
- Get the report by selecting Reports
- Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
Please copy and paste its contents on your next reply.